Jump to content

Ivanbb

Registered Users

Change your profile picture
  • Posts

    22
  • Joined

  • Last visited

Reputation

1 Neutral
  1. I have three accounts, one active and two rarely used. One was "Frozen" due to inactivity. I received a letter telling me to go to the branch to un freeze it. Long story short I had a right barny because the rep wanted to photocopy my Passport and send it to "central office". Insisting the photocopy would not be kept on a database that was her first lie. During the conversation it was insisted a drivers license (or utility bill) and a Passport or something with my photo on were required. Her claim was that after a year of inactivity accounts are frozen for security reasons. That was her second lie. At this point you need to know I've been going to this branch bank for the past 20 years. During the conv the rep insisted details were not on file and need to be updated, yet it emerged when cross questioned that my address name and other details were clearly listed under my active account. My other dormant account containing more funds, had been dormant for over four years, and not been frozen. This insistance on freezing for security reasons was disturbing, as if there was no activity why should there be cause for suspicious activity or any other security risk? The cream in this cake is when I "UN-froze" the account over the telephone. No passport, no drivers license required. However the mass of information they gave me over the phone (Yes... they gave it to me) when unfreezing the account was information mostly forgotton from around 2001, and it's now 2018! The telephone representitive must have been on commission. He created a telephone banking account and input old data about me taking over fifty minutes using existing data to confirm everything from my date of birth to my Limited Company details from the turn of the century; pausing for over a minute between each batch of info confirmed. I believe he was entering my personal data into a credit database for verification, something I've never needed, desired, nor been a part of. I'll be closing all accounts; but my concern is that HSBC have now significantly increased the risk that I might be a target of identity theft. My thoughts are that freezing accounts is a [problem] used to collect data otherwise denied by the now active GDPR. The current banking rules mean I would not be able to withdraw my own funds from my own account in my own branch without presenting data to the HSBC database which they don't have. How can a bank be allowed to do this?
  2. I just read (in brief) the new Halifax terms and conditions. Check section "25 - K" Does anyone else think a synopsis might read: "If our system breaks down, or anyone else connected breaks down we're not responsible because it's unusal" and: "We can breech our agreement if any regulation (Not Law I might add ) requires we do so. Really! This reads like "It's not us, we were not there, and if you say we were we will deny it and refer to our terms and conditions."
  3. I received a snail mail from a pension company. The envelope was empty, probably because it wasn't sealed properly .. or so I thought... I rang the sender to get the letter re-posted. The company would not resend the letter without a national insurance number. It seems a little odd that they can't trace a letter using a name address and postcode, even though they already sent it!! What if this was a spam complaint under the data protection act? .... The sender seems genuine. It could simply be an awful database. But it could also be a good phishing game. Sending empty envelopes is brilliant. Not everyone would throw it away. A percentage would be curious and investigate. All laws are covered when the customer releases personal info of thier own accord so some people would get caught.
  4. Thats Q.I. I'll watch for that next time I'm browsing. Crazy ... It seems reasonable if you connect to a server that YOUR computer identifies itself, but it can't be reasonable that the server collects information you don't wish to divulge.... let alone a completely different server. I thought that was part and parcel with the new cookie law. Thanks for the info
  5. It's not a Trojan dx100uk, Least if it is then the script kiddie writing it has a guaranteed job with Sophos! Yes I can bock firewall ports, or use the hosts file, but Your average housewife wouldn't have know anyone was looking at her PC or how to do that. Wasn't Google just recently slapped for doing something similar? Reauter Thompsan seem to be selling a service to promote inspecting PC's while users are browsing. Does anyone know anything about the service they are selling?
  6. Just came across a nasty piece of work while searching for PC parts on line. The firewall went wild, and started blocking all sorts of connections. Turns out a service called "Markmonitor" (64.124.14.70) was trying to connect to my network. Bit of research and it seems this company, part of Reuters, is monitoring services across the internet for "copyright reasons." But what the hell were they trying to connect to my PC for? Dabs and PCWorld have nothing to do with copyright! Anyone else heard of this service?
  7. I'm sure you're right. But who want's to go to court over something that hasn't yet happened? Isn't there a professional body who looks into unreasonable contract rules? Surely it's better to prevent unreasonable rules in the first place? It's a hard place for an individual to be in after the event.
  8. Barclaycard are changing the rules on 22 Nov. Barclaycard (Condition 1.3) may not give advance notice of a change in credit limit. Thats pretty scary!. I have one card used only for holidays. If they make changes without telling me I could easily find myself on holiday with an invalid credit card. I'm not one to beleive statements such as " Oh that will not happen to you Mr xxx." I've seen people arguing with hotel managers before and It's not pleasent being caught abroad without sufficient funds. Is it legal for Barclaycard to change the agreed credit limit on your card without notice??
  9. hi guys I think without publishing pages of records Slobrob pretty much provided a synopsis in his last thread. Your diagnosis, which has been suspected for years, could only be proven after fibre was installed, Until then aluminium and copper cable could have been the cause (Yes aluminium!!) Now It's almost certain to be the short distance between the premisis and cab. BT keep saying the problem could be with my equipment. Engineers on site were necessary to counter this. I've had nine modems, a bag full of filters, cables and two ISP's that say there's no fault on my side so it's time this was ruled out permenantly. It doesn't matter if it's 56K dial up, two meg adsl or 40 meg fibre, service always starts at max speed then the line is re-graded some months later to between 30% and 50% less than maximum. Now that fibre is up to 25 m away there's no reason for this. Exchange distance is not a factor in this case. I should be close enough to get full 21CN service. (Realistic speed 17 mb) Each time there's a fault I go through "channels." collect data, disconnect equipment check the master socket, etc etc and it's "down time" for my business. Being reasonable isn't working. However this is a hard legal case to win. Most likely BT will downgrade the line again and this becomes a contract despute over the minimum 12 mb (used to be 15 mb) guarenteed fibre speed. Fibre was sold as a cure to the long standing problem. I'm 25 m from the cab remember. I don't think it reasonable BT use the minimim speed loophole. This problem was predicted before the installation of fibre and I was assured installing fibre would cure the long standing problem. This needs to be either a highly public case or a high compensation successful court case to ensure the service from BT is improved for everyone. Help as to who has won such a case would be much appriciated.
  10. Thanks for the links. quite interesting but not quite where I want to go. This problem has a history.. Compensation of a few hundred pounds is peanuts. Technical support engineers have cost that much to have on standby when BT didn't turn up! (This is necessary because BT keep saying the line is within spec N.F.F.) I needs a permenant fix so that "Do Not Touch" is painted in red on the local BT frame when this is all resolved. The name of someone who's successfully sued and received significant compensation perhaps. This is the area I'm looking for help.
  11. Ok; I've had enough. How do I sue BT? Fibre optics were installed and this was supposed to cure the problems I've been having for the past eight years. It's been installed since November last year. First installed and tested @ the full 40 mb a few months later it drops to less than 20. sometimes less than 2 mb. Today I can hear noise on the line the same as I did eight years ago. This is definatly a BT issue. All my hardware is disconnected. The latest fault was reported last Friday. After many calls a BT engineer was arranged for Wednesday. (BT didn't show) then Thursday (BT didn't show) Now I've received a message telling me it will be repaired by Sunday evening, and still don't know if a BT engineer is expected to turn up. I need advice on the best way to take legal action. Claims are tricky , because BT contract clauses are tight. But I'm 25 meters from the cab. How close do I have to be to get the advertised service? Is this not an advertising infringement?Surely you can't sell a service that drops to less than half advertised shortly after installed?Two engineers were waiting around for five hours when BT didn't show. BT make a very big deal of stating "If it's your fault then you pay for the engineers time." What about my time? and the cost of the other engineers time?
  12. I've an open thread about PCI compliance and just had a thought regarding the recent Sony Playstation server hack. Sony must have some pretty high security standards; much higher than the average company would usually install and yet personal credit card information was hacked. How on earth is a small to medium company supposed to stand up to the new rules credit card companies are imposing if Sony can get hacked? £50,000 fine is nothing to Sony but that will put most small companies out of business... Or is that the idea?
  13. The security Industry is using PCI to mean Payment Card Industry. First proposed around 2002 it came into force this year. Barclays insist anyone handeling customer credit card information must follow the new rules laid down or potentially be held liable for loss in the event thier computers are hacked. Basically you must now register your company security details with Barclays chosen American security company and subject your PC or network to regular external checks. Effectively slic123, its a means of the bank cutting the cost of Fraud by blaming the customers security. "Reasonable care" is one thing and the principle can't be argued, but consider this: 1) The business is forced into giving it's security details to another company. 2) The security company currently doesn't know how to protect it's email database, let alone customer database. 3) If a new security exploit is discovered and the company is hacked, both Barclays and CC companies can wash thier hands of the blame. 4) Small IT companies providing Internet securety services to clients must qualify thorugh a governing security company that doesn't know how to send email without reveiling everyone in the email list. It seems to me there's a bigger risk in signing up than keeping personal security details personal. So... Can a company be held liable for not complying with these new banking rules?
  14. We're all getting spam about PCI compliance and banking policy. Is it legal? Reading between the lines it seems the banks have been "shaking hands" for proffit again. Internet security is abysmal, but banks wish to sell Internet banking because it's a high profit margin, even with level of fraud. 10 years down the line bankers still can't stop Internet fraud and can't be bothered to invest in better security so now they are insisting blame fall on the client if thier network is targetted and hacked. The last spam received from this American PCI company contained the email addresses of around 250 other companies. Sending the email addresses of others in thier database doesn't sound very smart to me. Nor does it sound like the action of a competent security company. I have no intention of submitting security deatail of any of my customers to a company which shows this level of incometance, or for that matter to any database which I have no control over. Where do we stand regarding the law? Can a client be held responsible by the bank if hacked?
  15. Ivanbb

    Not just #MBNA

    I just made a credit card purchase from PLAY.COM without the need to do anything except click. This seems a bit odd. Shouldn't I have to enter the three digit number every time for security? Are PLAY allowed to store this number? I didn't get redirected to the MBNA security website either. Anyone else found this?
×
×
  • Create New...